White House Recommends Software Be Written in Memory Safe Languages
The White House is recommending critical software be written in memory safe languages to eliminate vulnerabilities. Meanwhile, Nvidia's CEO sparked debate by arguing kids should skip coding since AI can generate it, though experts disagree given programming's enduring value. With security suffering due to outdated "zombie code" components according to a new report, addressing software vulnerabilities remains imperative.
White House Recommends Software Be Written in Memory Safe Languages
The White House Office of the National Cyber Director (ONCD) has released a new technical report with recommendations for improving software security.
Memory Safety: The report calls on the software industry to adopt memory-safe programming languages. Memory safety vulnerabilities are a major cause of software bugs and cybersecurity threats.
- Languages like Rust, Go, and Java eliminate many memory safety issues through automatic memory management.
- New hardware extensions like memory tagging provide runtime checking of memory accesses.
Adopting memory safe languages and capabilities for critical systems would drastically reduce vulnerabilities.
Measurability: The report also advocates for better ways to measure software security that would:
- Allow prioritizing vulnerabilities based on data rather than guesses
- Provide visibility into supply chain risks
- Incentivize long-term security investments
The ONCD is urging CEOs and technical leaders to adopt memory safe languages and practices as a crucial step toward securing software against threats.
Nvidia CEO Claims Kids Should Skip Learning Coding
Nvidia CEO Jensen Huang recently made a controversial statement during a speech. He claimed that kids should not learn coding since AI is now advanced enough to handle most programming tasks.
Huang argued that rather than spend time learning languages like Python or Java, young people should focus their efforts on building domain expertise in areas like:
- Biology
- Manufacturing
- Agriculture
His reasoning is that as AI translation systems get better at turning regular human language into working code, programming languages themselves will become irrelevant. In his view, human languages will be sufficient for "programming" using AI.
Many industry experts objected to Huang's viewpoint. They point out that while AI tools like GitHub Copilot are handy helpers, human guidance and specialized know-how are still essential for managing large, complex software projects. Additionally, learning coding principles teaches logical thinking skills that apply across many technical fields.
While AI will surely keep revolutionizing software development, the consensus is that core programming skills remain important for now and demand for qualified human developers is likely to stay strong for decades. Given this, most experts feel Huang's advice for kids to avoid learning coding seems short-sighted, even coming from the CEO of a major AI chip company.
Security suffering due to a “zombie code” apocalypse
Synopsys released its yearly Open Source Security and Risk Analysis report, which examines the security of open source code across many industries.
Outdated Components
- 91% of codebases have old, unsupported "zombie code" open source components
- 49% have no development activity in 2+ years
The report also found the average age of vulnerabilities is 2.5 years, with nearly 25% over 10 years old. Compared to last year, the prevalence of high-risk vulnerabilities jumped from 48% to 74% of codebases.
Reasons given include:
- Layoffs reducing available developers to update and secure code
- Pressure to deliver faster leads teams to cut corners on dependency management
Licensing Issues
- 53% have open source license conflicts
- 31% have no license or an invalid license
🔥 More Notes
- Octopus Deploy acquires Codefresh, expanding its CI/CD capabilities with GitOps
- Mistral AI announces its largest AI model yet and a partnership with Microsoft for deployment
- Demystifying GPUs for CPU-centric programmers
🎥 YouTube Spotlight
The Trillion Dollar Equation
The Trillion Dollar Equation explores the impact of a revolutionary equation from physics on the financial markets. It delves into how physicists and mathematicians have used this equation to beat the stock market, understand the pricing of options, and pioneer innovative strategies in the finance industry.